SAP is urging companies to apply security patches across their entire suite of enterprise software to protect against vulnerabilities that are being actively exploited by cyber criminals. The warning comes because companies in a range of industries can fall victim to attacks through their unpatched systems.

The German multinational software company published a joint report on Tuesday with the security company Onapsis, which points out that SAP enterprise resource planning, supply chain and customer relationship management software is being targeted.

The SAP fixes have been available for months, and in some cases years, but the two companies say many organizations have yet to install critical security fixes.

Between June 2020 and March 2021, Onapsis researchers tracked 1,500 attempted attacks in which SAP vulnerabilities were exploited. At least 300 of them were successful. The attacks are being launched by multiple groups around the world, the researchers found.

Some of the vulnerabilities allow malicious hackers to take complete control of corporate systems. This can lead to data theft, fraud and business disruption. Unpatched systems are also at increased risk of malware infections, such as ransomware that locks files.

More than 400,000 companies worldwide use SAP software, including 92% of Forbes Global 2000 companies. Its solutions are used in a number of industries, which means that unpatched vulnerabilities can be used to target companies from logistics to fintech.

The potential risk prompted the US Cybersecurity and Infrastructure Security Agency to issue its own warning on Tuesday recommending that organizations “apply the necessary updates and remedial measures”.

Onapsis said it has observed some cyber attackers patching vulnerabilities once they have gained access and installed a backdoor on a network, in order to avoid detection.

There is evidence that some of the groups are coordinating their attacks, the security firm said.

“Attackers who exploited source systems other than those used for subsequent manual logins have been detected, which indicates the possibility that coordinated groups and/or actors may use the widespread attack infrastructure,” the report said.

“While this behavior is common when analyzing operating system and network-based attacks, these data provide indications that the same approach is also used for targeting business-critical applications, since these actors use TOR nodes and distributed VPS infrastructures to start the attacks and escalate privileges.”

The most important aspect for CIOs, CISOs, and other security professionals is to ensure that the latest SAP patches are installed and to monitor for malicious activity that may already be on corporate networks.

“Although patches have been available for months and even years, attackers are still finding and using unpatched SAP systems,” said Scott Caveza, research engineering manager at cybersecurity firm Tenable.

“This is a reminder to administrators of sensitive data and applications that applying patches, mitigation, or workarounds is of the utmost importance to thwart malicious actors who want to exploit known vulnerabilities.”
